by davbrown2 » Sat May 05, 2018 3:21 pm
I have just joined Sonic, using Fiber with the SmartRG SR515ac router.

I noticed a section on configuring IPSec in Advanced Settings - has anyone had success with this?

I am interested in connecting to a Netgear SRX5308, using this support instead of a Netgear FVS318G that is sitting behind the SmartRG.

I tried configuring it, but was puzzled because there are no control settings - i.e. way to enable/disable or connect/disconnect - and no status display.

At the SRX5308 end, I can see that it is trying to connect, and actually succeeded once (unless that was an artifact from a previous connection with the FVS318G), though I couldn't ping anything through the tunnel in other direction.

Thinking that the connection may have been an artifact, I disconnected it, and after that it never successfully connected again - the log at the SRX5308 showed:

[SRX5308] [IKE] ERROR: Phase 1 negotiation failed due to time up for <my Sonic IP addr>[500]. baaf4feefe8ffe54:c07579cf794f055f
[SRX5308] [IKE] INFO: Received Vendor ID: DPD
[SRX5308] [IKE] INFO: Beginning Identity Protection mode.
[SRX5308] [IKE] INFO: Received request for new phase 1 negotiation: <WAN addr of the SRVX5308>[500]<=><my Sonic IP addr>[500]
[SRX5308] [IKE] INFO: remote configuration for identifier "<myhost>" found

I would be interested in hearing from anyone else who has tried this.